I am currently working as a Network Engineer. I currently have A+/N+/S+ CCNA and CCNA:S and I am currently working on CCNP and CCNP:S. I have 5 years of IT experience (about a 8 months as a Network Engineer and 1 year as a Network Security Admin). I have some experience in windows and linux (very little) as well as BSD. I have worked with Cisco, sonicwall and windows firewalls as well as a many different switch and router brands. After I finish those two I want to start working on actual Infosec certifications. Basically somethings to round me out before I go full steam ahead into CCIE:S (which is changing this year so I want to wait until new material somes out). I am quite interested in Wireless networking. CWNA/CWSP interest me quite a bit but I am having second thoughts due to the popularity level of the certs. I'd like to hit a SANS exam but I am somewhat broke. OSCP interest me as well and would be closer to reasonable for me to pay for but I would need to wait until I am done with school (so about October/November). I have the elearnsecurity course (student not pro). Linux+ interest me. CISSP is very popular around here (and everywhere else) but it does not interest me at all. Anyone have any other suggestions? For those who have made the leap from Network Engineering to Security what skillset did you have and what certs/study materials helped you build that skillset?

Do you want to pen test? I took the same road... you've got good ops experience which is nice but keep in mind if you're looking for a job, certain certs carry more notoriety than others. I'd recommend doing a "HR approved" one and then one that really interests you. OSCP is awesome for example, but no one you interview with may know what it is, sadly.

ajohnson wrote:What specifically do you want to focus on within the realm of security?

More of the same I suppose. I think security analysis focusing on the router/switch/wap/firewall/ips/ids side would be fun. I'd love to get to work on the security provider space. I have worked with HIPS and enterprise AV solutions as well. So that would be fun.

I don't know I am interesting in Pentesting fulltime but I do want to make that a part of my job.

Last edited by knwminus on Wed Feb 22, 2012 9:39 pm, edited 1 time in total.

Sounds like you should pursue a security ops gig. You could do all the things you mentioned and even incident response/handling. I think SANS is your best course of action if you don't want the CISSP (I don't blame you). Maybe someone else has another idea but I'm just not sure of another place you can get ops style certs... cue another ehneter!

I'm with you, cd1zz. I think GCIA would be the way to go (with GCIH being a nice compliment).

Unfortunately, CISSP is going to be a necessity at some point. For better or worse, it carries a lot of weight with management and HR. You'd be doing yourself a disservice if you don't have it on the road map somewhere.

Just be careful not to spread yourself too thin. I think you'll have more than enough to do with your Cisco studies for the foreseeable future.

OSCP is 100% pen test focused but it can also open your eyes into what security issues are possible if you have no experience with the offensive side of things. I think that perspective is key to securing an environment. My 2 cents.

Right. You can't defend against things you don't understand. It's important to understand offense and defense, regardless of which side of the fence you actually end up on.

OP, you really need to evaluate the ROI on some of these miscellaneous certifications. Is Linux+ going to make a difference for someone with multiple pro-level Cisco certs, or who someone is a CCIE and CISSP? I could see it being useful if you're aiming to have a CCNP five years from now, but you make it sound like those are just around the corner.

I'm speaking from experience. I've passed 30 exams, and after being cert-crazy for a few years, you realize how many were unnecessary. I'm glad I have the knowledge, but I think my money could have been better spent (like you, I fund these studies myself). It also stings now that renewal time is approaching. I'm probably going to let all certs that aren't Cisco (since you can renew them all with one exam) or security fall by the wayside. Since you have limited funds, I think you should go for a GCIA challenge instead of a handful of less prestigious credentials. Just my opinion.

Is Linux+ going to make a difference for someone with multiple pro-level Cisco certs, or who someone is a CCIE and CISSP? I could see it being useful if you're aiming to have a CCNP five years from now, but you make it sound like those are just around the corner.

I'm speaking from experience. I've passed 30 exams, and after being cert-crazy for a few years, you realize how many were unnecessary. I'm glad I have the knowledge, but I think my money could have been better spent (like you, I fund these studies myself). It also stings now that renewal time is approaching. I'm probably going to let all certs that aren't Cisco (since you can renew them all with one exam) or security fall by the wayside. Since you have limited funds, I think you should go for a GCIA challenge instead of a handful of less prestigious credentials. Just my opinion.

I know you have more certs than probably anyone so you would have the best experience in this particular subject

Oh and when I say right around the corner I mean this year. CCNP R/S in may and CCNP:S a couple of months after that (I work with a ton of ASAs).

What would you consider "less prestigious"? CWNA/CWSP or were you talking about Linux+ exclusively? I work for a wireless company (cellular) but I don't work with any of the wireless gear nor do we own our own GGSNs etc.

You'll have to go with your gut on some of those. They're certainly not as recognized as CISSP, pro/expert Cisco, or GIAC certs in general, but they could certainly carry some weight with the appropriate crowd. Does your company do a lot with 802.11? You're not going to be covering cellular in CWNA or CWSP. Unless you have an immediate need for them, or expect to move into a new position where they would greatly benefit you, I wouldn't bother.

Also, CWSP was totally a let down on the offensive side (nothing against CWNP; my expectations were way off). It's gone through a revision since I took it (which does look somewhat better), but you spend a lot more time dealing with the various EAP flavors than anything related to attacks. It's important material if you're tasked with implementing secure wireless solutions, but it was too bland from my perspective. I'd recommend OSWP and/or GAWN as alternatives.

ajohnson wrote:You'll have to go with your gut on some of those. They're certainly not as recognized as CISSP, pro/expert Cisco, or GIAC certs in general, but they could certainly carry some weight with the appropriate crowd. Does your company do a lot with 802.11? You're not going to be covering cellular in CWNA or CWSP. Unless you have an immediate need for them, or expect to move into a new position where they would greatly benefit you, I wouldn't bother.

Also, CWSP was totally a let down on the offensive side (nothing against CWNP; my expectations were way off). It's gone through a revision since I took it (which does look somewhat better), but you spend a lot more time dealing with the various EAP flavors than anything related to attacks. It's important material if you're tasked with implementing secure wireless solutions, but it was too bland from my perspective. I'd recommend OSWP and/or GAWN as alternatives.

We do work with 802.11. As a VAR we resell some motorolla and aerohive gear so it isn't like the knowledge would be completely wasted. I don't work with 802.11 daily (or weekly). Also I thought CWNA covered more than 802.11. Doesn't it cover basic wireless theory for all wireless networks?

I guess I see your point. GCIA would be so sexy and I have drooled over it for almost a year now. I know a few guys who have taken it and even a few who have challenged (at one point weren't you going to do it? ) I'm just a little gunshy of a $900 bullet.

I've looked at the jobs. Most of them want the skills I have described (*nix, packet analysis, wireless, etc). But that doesn't mean I should certify in all of those areas. I guess most bang for my buck is what I am looking for. I know CISSP would offer that but I want to be a bit more rounded before I take it.

I thought about it and I think I might need to just go back to my original goal (regardless of what Cisco's security marketshare is doing btw the shrinking marketshare is the reason why I made this thread).

knwminus wrote:I guess I see your point. GCIA would be so sexy and I have drooled over it for almost a year now. I know a few guys who have taken it and even a few who have challenged (at one point weren't you going to do it? ) I'm just a little gunshy of a $900 bullet.

Yea, I'm going to challenge it within the next 2-3 months; it's one of my last GSE requirements. I got 79.33% on a practice test that was gifted to me last July. I didn't prepare or have any resources besides a few books I had nearby, so I *hopefully* won't have too much trouble with it. I plan on putting a lot of time into creating tcpdump, Scapy (not on the test, but a great learning tool), and Snort challenges and instructional demonstrations on my blog over the next couple of months.